Thursday, 3 April 2025
24.9 C
Singapore
26.8 C
Thailand
20.7 C
Indonesia
27 C
Philippines

Open-source machine learning systems face increasing security threats

Open-source machine learning tools face rising security threats, with recent findings highlighting critical vulnerabilities across key frameworks.

Recent research has uncovered significant security vulnerabilities in open-source machine learning (ML) frameworks, putting sensitive data and operations at risk. As ML adoption grows across industries, so does the urgency of addressing these threats. The vulnerabilities, identified in a report by JFrog, reveal gaps in ML security compared to more established systems like DevOps and web servers.

Critical vulnerabilities in ML frameworks

Open-source ML projects have seen a rise in security flaws, with JFrog reporting 22 vulnerabilities across 15 ML tools in recent months. Two primary concerns concern server-side components and privilege escalation risks within ML environments. These vulnerabilities could allow attackers to access sensitive files, gain unauthorised privileges, and compromise the entire ML workflow.

One significant flaw involves Weave, a Weights & Biases (W&B) tool that tracks and visualises ML model metrics. The WANDB Weave Directory Traversal vulnerability (CVE-2024-7340) allows attackers to exploit improper input validation in file paths. By doing so, they can access sensitive files, including admin API keys, enabling privilege escalation and potentially compromising ML pipelines.

Another affected tool is ZenML, which manages MLOps pipelines. A critical flaw in ZenML Cloudโ€™s access control lets attackers with minimal access privileges escalate permissions. This could expose confidential data like secrets and model files, allowing attackers to manipulate pipelines, tamper with model data, or disrupt production environments dependent on these pipelines.

Risks of privilege escalation and data breaches

Other vulnerabilities highlight the risks of privilege escalation in ML systems. The Deep Lake Command Injection (CVE-2024-6507) found in the Deep Lake database is particularly severe. This database, designed for AI applications, suffers from improper command sanitisation, allowing attackers to execute arbitrary commands. Such breaches could compromise the database and connected applications, leading to remote code execution.

Vanna AI, a natural language SQL query generation tool, also has a serious vulnerability. The Vanna.AI Prompt Injection (CVE-2024-5565) flaw lets attackers inject malicious code into SQL prompts, which can result in remote code execution. This poses risks like manipulated visualisations, SQL injections, or data theft.

Mage.AI, an MLOps platform for managing data pipelines, is vulnerable to unauthorised shell access, file leaks, and path traversal issues. These flaws enable attackers to control pipelines, expose configurations, and execute malicious commands, risking privilege escalation and data integrity breaches.

The path forward

JFrog’s findings highlight a critical gap in MLOps security. Many organisations fail to integrate AI/ML security with broader cybersecurity strategies, leaving blind spots. Attackers can exploit these vulnerabilities to embed malicious code in models, steal data, or manipulate outputs, creating widespread disruptions.

As ML and AI continue transforming industries, securing their frameworks, datasets, and models is essential. Robust security practices must be prioritised to protect the innovations that drive this growing field.

Hot this week

RedCurl group linked to new ransomware strain in first documented attack

Bitdefender uncovers RedCurl's first ransomware campaign, revealing QWCrypt's unique tactics and the group's evolving cyber threat model.

Nvidia in talks to acquire AI server rental company Lepton AI

Nvidia is reportedly in talks to acquire Lepton AI in a deal worth several hundred million dollars, expanding into AI-powered server rentals.

Intelโ€™s future in the GPU market looks uncertain

Intel may not release a high-end Battlemage GPU, and Arc Celestialโ€™s future is unclear, leaving gamers with limited options in a challenging market.

Samsungโ€™s new AI fridges help find lost phones and control smart homes

Samsung's new AI-powered fridges can help you find lost phones and control smart home devices with voice commands, making life easier and more connected.

Google Pixel 9a arrives in Singapore this April for S$799

The Google Pixel 9a launches in Singapore in April 2025 with a Tensor G4 chip, 48MP camera, and seven years of updates, starting at S$799.

Qualcomm expands AI research with MovianAI acquisition

Qualcomm has acquired Vietnamese AI research firm MovianAI to boost its AI development in smartphones, PCs, and software-defined vehicles.

Roblox introduces new parental controls to enhance child safety

Roblox introduces new parental controls, allowing parents to block games, restrict friends, and monitor their childโ€™s activity for better safety.

Anthropic introduces Claude for Education, a new AI chatbot plan for universities

Anthropic launches Claude for Education, an AI chatbot plan for universities that offers advanced learning tools and administration support.

Exabeam introduces Nova, an agentic AI that boosts cybersecurity operations

Exabeam unveils Nova, a proactive AI agent that boosts security team productivity and reduces incident investigation time by over 50%.

Related Articles